AWS IoT Connection error : Invalid “caCert” option supplied with aws-iot-device-sdk

我是研究僧i submitted on 2020-06-28 05:26:28

Question

I've provisioned a device in AWS with a device certificate which is signed by my CA. Also, I've previously registered my CA along with the verificationCert in AWS.

Now when I send the data, in the options,

    var awsIot = require('aws-iot-device-sdk');
    var device = awsIot.device({
        privateKey: '--BEGIN RSA PRIVATE KEY--', // private key of my device
        clientCert: '--BEGIN CERTIFICATE --', // cat deviceCertificate and registered CA
        caCert: '--BEGIN CERTIFICATE--', // Amazon root CA
        clientId: 'Thing01',
        region: 'us-west-2',
        host: 'xxxxxxxx.iot.us-west-2.amazonaws.com',
        secretKey: 'dcvevv',
        accessKeyId: 'ferferer'
    });

    device.on('connect', function (err) {
        device.publish('$aws/things/Thing01/shadow/update', JSON.stringify({
            "state": {
                "desired": {
                    "color": "blue"
                }
            }
        }));
    });

I'm getting the below error:

    throw new Error(exceptions.INVALID_CA_CERT_OPTION);
    ^
    Error: Invalid "caCert" option supplied.

Can anyone let me know what I'm doing wrong in the above code snippet?

Edit1: After making corrections in the options, below is the code:

    var awsIot = require('aws-iot-device-sdk');
    var device = awsIot.device({
        host: 'xxxxx.iot.us-west-2.amazonaws.com',
        keyPath: './certs/deviceTest/5e2570c0605418.key',
        certPath: './certs/deviceTest/5e2570c0605418AndCA.crt', // cat of device and Registered CA
        caPath: './certs/rootCA.pem', // public cert of AWS root CA1
        clientId: 'ManualDevice_01', // ThingName
        region: 'us-west-2',
        secretKey: 'xxxxxxxxxxxx',
        accessKeyId: 'xxxxxxxxxxxxxxxx'
    });
    console.log("Invoking on connect");
    device.on('connect', function (error) {
        console.log("In on connect !!");
        if (error)
            console.log('could not connect');
        device.publish('$aws/things/ManualDevice_01/shadow/update', JSON.stringify({
            "state": {
                "desired": {
                    "color": "pink",
                    "power": "off",
                    "val": "1"
                }
            }
        }), function (err) {
            if (err)
                console.log("Could not send : Error : " + err)
            else {
                console.log("Sent data")
            }
        });
        console.log('Message sent........')
    })
    device.on('message', function (topic, payload) {
        console.log('message', topic, payload.toString());
    })

The statements inside device.on('connect') are not getting executed. I could see only "Invoking on connect" being printed.

Edit 2: Issue is resolved!!!

While creating a device, I have to attach a policy to it. Then I'm able to send the data in the above specified way through MQTT with certificates.


Answer 1:


The doc implies you should be passing paths to the files for the TLS certificates and key.

e.g.

    var device = awsIot.device({
         keyPath: <YourPrivateKeyPath>,
        certPath: <YourCertificatePath>,
          caPath: <YourRootCACertificatePath>,
        clientId: <YourUniqueClientIdentifier>,
            host: <YourCustomEndpoint>
    });

Later on in the same doc it says caCert can be a buffer (not a String):

  • caCert: same as caPath, but can also accept a buffer containing CA certificate data

This means you will need to decode the string value first.
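One way to do the conversion this answer describes, as an added example that is not part of the original post or of aws-iot-device-sdk: in-memory PEM text is checked for complete framing and the expected block type, then wrapped in a Buffer so it is supplied as certificate data. The helper names (`parsePem`, `pemToBuffer`, `buildDeviceOptions`) are hypothetical, the sample PEM bodies are constructed filler bytes rather than real keys or certificates, and the check covers framing and base64 only, not X.509 validity.

```javascript
// Added example: helper names are hypothetical, not part of aws-iot-device-sdk.
const PEM_BLOCK = /-----BEGIN ([A-Z ]+)-----\r?\n([A-Za-z0-9+/=\r\n]+?)\r?\n-----END \1-----/g;

// Split PEM text into blocks; checks framing and base64 only, not X.509 validity.
function parsePem(text) {
  const blocks = [];
  for (const m of String(text).matchAll(PEM_BLOCK)) {
    const der = Buffer.from(m[2].replace(/\s+/g, ''), 'base64');
    if (der.length === 0) throw new Error('empty PEM body');
    blocks.push({ type: m[1], der });
  }
  return blocks;
}

// Turn in-memory PEM text into a Buffer, rejecting truncated or mislabeled input.
function pemToBuffer(text, optionName, expectedType) {
  const blocks = parsePem(text);
  if (blocks.length === 0) throw new Error(`${optionName}: no complete PEM block found`);
  const bad = blocks.find((b) => !expectedType.test(b.type));
  if (bad) throw new Error(`${optionName}: unexpected PEM type "${bad.type}"`);
  return Buffer.from(text, 'utf8');
}

// Build the options object with Buffers for the three TLS options from the question.
function buildDeviceOptions(pem, rest) {
  return {
    ...rest,
    privateKey: pemToBuffer(pem.privateKey, 'privateKey', /PRIVATE KEY$/),
    clientCert: pemToBuffer(pem.clientCert, 'clientCert', /^CERTIFICATE$/),
    caCert: pemToBuffer(pem.caCert, 'caCert', /^CERTIFICATE$/),
  };
}

// Constructed sample input: correct PEM framing around filler bytes.
const fakePem = (type, fill) =>
  `-----BEGIN ${type}-----\n${Buffer.alloc(48, fill).toString('base64')}\n-----END ${type}-----\n`;
const samplePem = {
  privateKey: fakePem('RSA PRIVATE KEY', 1),
  clientCert: fakePem('CERTIFICATE', 2) + fakePem('CERTIFICATE', 3), // device cert + registered CA
  caCert: fakePem('CERTIFICATE', 4), // Amazon root CA
};
// sampleOptions has the shape that would be handed to awsIot.device(...).
const sampleOptions = buildDeviceOptions(samplePem, {
  clientId: 'Thing01',
  host: 'xxxxxxxx.iot.us-west-2.amazonaws.com', // placeholder endpoint from the question
});
```

A string such as `'--BEGIN CERTIFICATE--'` from the question fails the framing check here, before any connection attempt is made.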



Source: https://stackoverflow.com/questions/61161984/aws-iot-connection-error-invalid-cacert-option-supplied-with-aws-iot-device
